2009 National Cyber Security Symposium
Download
Report
Transcript 2009 National Cyber Security Symposium
Securing Your Personal
Computer
Brandon Cain, Data Security Coordinator
Overview
Welcome & Introductions
Operating System Updates
Anti-virus/Anti-spyware
Firewalls
User Permissions
Wireless Networks
Internet Safety
Email Security
Strong Passwords
Document Backup
Questions & Answers
Tips for Secure Computing
Information Security’s tips for students regarding secure computing:
Physical security is the first line of defense.
Check for operating system updates frequently.
Install anti-virus software and keep the definitions up-to-date.
Configure the firewall that came with your operating system, or use a
trustworthy third party firewall.
Use safe searches to avoid explicit content or unsafe sites, and consider using a
third party add-on to ensure safe browsing.
Verify legitimacy of files before downloading and don’t download copyrighted
material illegally.
UAB’s Information Security organization is responsible for helping the UAB
community protect information. Visit www.uab.edu/informationsecurity for
additional information on security related topics.
Operating System Updates
(Automatic)
Consistently install updates and patches to correct OS vulnerabilities.
- Turn on automatic updates from the desktop.
Operating System Updates
(Automatic)
Turn on updates in the security center.
- Click Start>Control Panel>Security Center
Operating System Updates
(Manual)
To manually install updates:
- Click Start > All Programs > Microsoft Update
- Click “Express” or “Custom” and follow the prompts.
Anti-virus Software: Microsoft
Forefront
UAB IT offers an extensive library of software for free or at discounted
pricing, including anti-virus protection via Microsoft Forefront for
Windows or Sophos for Mac
•
•
•
•
•
Features:
Integrated anti-virus/anti-Spyware
Malware removal / system recovery
Real-time protection
Scheduled and on-demand scans
FREE for UAB students, faculty and
staff
•
•
Important User Settings:
Automatic definition updates
Apply recommended actions
http://main.uab.edu/Sites/it/internal/students/software/
Anti-Virus Software: Students
Anti-Virus requirements for students in residence halls
In order to connect to ResNET or uabwifi-nac, students’ computers (with the
exception of Macs) will need to have one of the following anti-virus
applications with up-to-date definitions:
• Microsoft Forefront
• McAfee
• Norton (Symantec)
• AVG
Download Microsoft Forefront http://main.uab.edu/Sites/it/internal/all/software-library/ (you will need to enter
your BlazerID and strong password).
You may also call UAB’s AskIT Help Desk at 205-996-5555, to schedule an
appointment for assistance in meeting this requirement.
Anti-spyware: Symptoms
If you observe any of the following symptoms on your Windows computer,
spyware could be the cause:
You may see many more pop-up advertising windows than usual.
Your web browser may go to sites you do not expect.
Several other symptoms could indicate spyware or another type of infection, such as
a virus:
• Your system may seem sluggish or become unstable.
• Network traffic on your system may increase.
To protect your computer from spyware, choose tools that have been widely used and favorably reviewed. Don't
accept tools that are offered in popup windows; these are often spyware in disguise. Some reputable review and
download sites are:
- SpywareGuide – http://www.spywareguide.com/
- SpyChecker - http://www.spychecker.com/software/antispy.html
- Spyware Center - http://download.cnet.com/windows/security-software/?tag=dir
Anti-spyware: Spybot and Ad-Aware
Two of the most popular
www.safer-networking.org
http://lavasoft.com/
Anti-virus Response: Students
If you suspect that your computer has been infected by malware or otherwise
compromised, do the following:
Disconnect the computer from the network.
Run anti-virus and anti-spyware software on the computer.
If malware is detected, contact the UAB AskIT Help Desk at 205-996-5555, or
email to [email protected].
If no malware is detected, perform self-remediation and attempt to determine the
root cause.
Have you recently installed something that may have created a vulnerability?
Are you using weak passwords on any of your user accounts?
Have your Operating System (OS) and applications been patched and
updated on a regular basis?
If the Information Security Office determines that your system is infected, you will be
contacted by them or the AskIT Help Desk, and will be required to conduct a
reinstallation of your system before you can be reconnected to the UAB network.
Anti-virus Response: Faculty/Staff
If you suspect that your computer has been infected by malware or otherwise
compromised, do the following:
Disconnect the computer from the network.
Do not turn off your computer.
Do not run anti-virus and anti-spyware software on the computer.
Contact your department’s technical support staff or the UAB AskIT Help
Desk at 205-996-5555, or email to [email protected].
For possible compromise of sensitive UAB data, your technical support
staff must call the Information Security Office at 205-975-0842, or email to
[email protected].
If the Information Security Office determines that your system is infected, you
will be contacted by them or AskIT Help Desk, and will be required to conduct
a reinstallation of your system before you can be reconnected to the UAB
network.
Firewalls - Windows
Access firewall settings in
the Control Panel.
Turn on the firewall.
You can add exceptions if
a program you normally use
is being blocked.
3rd party firewall Options:
• www.comodo.com/
• www.zonealarm.com
• www.tallemu.com
• www.sunbeltsoftware.com
Update Applications: FileHippo
FileHippo.com is a popular site the provides visitors with a simple
method for downloading the newest version of software applications.
www.filehippo.com
Update Applications: FileHippo
Download the update checker to scan your
computer for installed software and search
for newer releases.
The latest versions are then neatly
displayed in your browser for you to
download.
www.filehippo.com
Update Applications: Ccleaner
Ccleaner is a freeware system optimization, privacy and cleaning tool that
removes unused files from your system, and cleans traces of online
activities.
www.ccleaner.com
Limit User Permissions
Disable the guest account
Rename the administrator account
Create “user” level accounts
Wireless Network Security Issues
Free/Public WiFi
Home/Private WiFi
Hosts that offer complimentary The default settings on home
wireless often implement the
wireless products are usually
service with little to no security
not configured to be secure or
in mind.
private.
Even if some security
If configured properly, your
mechanism is in place, it can be
home wireless network will be
circumvented.
protected from the average
user.
An intruder with the proper
knowledge and tools can still
circumvent security
mechanisms.
Wireless Recommendations
Change the default username and password on the
router.
Change the wireless network SSID.
Ensure remote administration is disabled.
Enable an encryption protocol.
Set a strong encryption key.
Optional:
Enable MAC address filtering and allow only the
addresses that you specify.
Disable SSID broadcasting.
SSID & Remote Administration
Change the wireless SSID
Don’t use anything that identifies you, your location or the
technology that you use.
Don’t use a name that would invite an intruder (i.e. supersecret or h4Xm3plz).
Don’t repeat use of any of your other passwords.
Remote administration
Most routers provide a means of configuring it remotely
using an IP address and a port number. If this is enabled,
then anyone on the Internet can connect to your router
and reconfigure it.
Enable Encryption & Set a Strong Key
Wired Equivalency Privacy (WEP) – an old encryption standard that
is considered outdated and seriously flawed. It’s better than using
nothing at all.
WEP 128 – uses a 26-digit hexadecimal string (0-9 and A-F)
WiFi Protected Access (WPA) – a newer encryption standard that
provides better protection than WEP
WPA2 – the latest encryption standard that forces the use of the
AES-CCMP algorithm.
WPA-PSK & WPA2-PSK – both use a passphrase between 8 and
63 characters, or a 64-digit hexadecimal string. A popular
belief is that the passphrase should be 13(+) random
characters.
Internet Safety
Be sure to look for the yellow padlock to indicate a secure, encrypted
transmission when sending sensitive data.
Do not click on pop-up windows.
Do not auto-save your username or password to ANY site.
Do not post anything to social networking sites that you don’t want the
whole world seeing, including future employers.
Be mindful of adding people you don’t know or can’t recall to any
friend or contact list.
Browser Security Settings
Don’t auto-save any passwords
Don’t save form data
Delete Cookies and History regularly
Don’t add extra toolbars
Pay attention to links on websites
Email Security
Set up a “junk” account for use with online forms and mailing
lists.
Do not open unsolicited emails.
Beware of pictures and videos in unsolicited emails.
Always activate your spam filters.
Be very careful of email spoofs, hoaxes, and watch out for
phishing emails.
Strong Passwords and Passphrases
Follow these simple tips when creating your individual password:
Use at least 6-8 characters.
Use a combination of letters, numbers and special characters.
Do not use common words or personal information.
Consider passphrases for creating strong passwords:
For example, use the first letter of each word found in a favorite
quote or song lyric.
“Oh, When the Saints Go Marching In,” password would be:
OWTSGMI.
The strength of the password is improved by changing letters to
numbers or special characters: OWT$GM1.
Document Backup
Back up your documents on a regular basis.
The easiest way is to purchase an external hard drive,
CDs/DVDs or other media where you can store a copy of all
your important data.
This becomes very important in the event you have to
perform a reinstallation due to a virus infection or a system
crash.